package com.xiaofan.config;

import com.xiaofan.realm.CustomRealm;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.ArrayList;
import java.util.Hashtable;
import java.util.LinkedHashMap;
import java.util.List;

/**
 * Shiro配置类
 *
 * @author 晓帆
 * @version 1.0
 **/
@Configuration
public class ShiroConfig {
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultWebSecurityManager defaultWebSecurityManagerd){
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        //配置核心组件
        shiroFilterFactoryBean.setSecurityManager(defaultWebSecurityManagerd);
        //配置拦截器，map中key是请求，value是拦截器，需要有序的一个map，用linkedHashmap
        LinkedHashMap<String, String> filterMap = new LinkedHashMap<>();

        filterMap.put("/wx/good/**","anon");
        //将这句放在最后，拦截器会依次执行，放在第一句会直接拦截所有请求，导致匿名访问的请求无法访问。
        filterMap.put("/**","authc");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterMap);

        //配置未认证请求重定向地址:写请求登录的url
        shiroFilterFactoryBean.setLoginUrl("admin/auth/login");
        return shiroFilterFactoryBean;
    }
    @Bean
    public DefaultWebSecurityManager defaultWebSecurityManager(CustomRealm customRealm){
        //核心配置类需要配置其他类的设置
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        //配置自定义realm
        defaultWebSecurityManager.setRealm(customRealm);
        //配置WebSessionManager
        defaultWebSecurityManager.setSessionManager(defaultWebSessionManager());
        return defaultWebSecurityManager;

    }

    /**
     * shiro处理Session问题,维护session跨域的一致性
     * @return
     */
    @Bean
    public DefaultWebSessionManager defaultWebSessionManager(){
        MallSessionManager mallSessionManager = new MallSessionManager();
        return mallSessionManager;
    }

    /**
     * 配置通知器
     * @return
     */
    @Bean public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager defaultWebSecurityManager){
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(defaultWebSecurityManager);
        return authorizationAttributeSourceAdvisor;
    }
    //注册通知器的实现了类，会被springboot自动管控，添加到通知器中
    @Bean
    public CustomAuthenticator authenticator(CustomRealm customRealm){
        CustomAuthenticator customAuthenticator = new CustomAuthenticator();
        List<Realm> realms = new ArrayList<>();
        realms.add(customRealm);
        customAuthenticator.setRealms(realms);
        return customAuthenticator;
    }
}
